Date post: | 21-Oct-2014 |
Category: |
Technology |
View: | 3,566 times |
Download: | 1 times |
Unifying Your IT Infrastructure with System Center Configuration Manager
MARK THOMPSON
IT CONSULTANT & TRAINER
Agenda
Introduction System Center Products What Does it do? Is SCCM a fit for you? Key differences between 2007 & 2012 System Center and the Microsoft Private Cloud Planning and Design, how do we get started? System Center Licensing: by John Kelbley Demonstration- Inventory, Metering, Deployment Q & A
System Center Products
Overview of the System Center 2012 Family of Products
System Center Product Usage
System Center 2012App Controller
• Self-service access for private cloud and public cloud applications
System Center 2012 Configuration Manager
• Change and configuration management
System Center 2012 Data Protection Manager (DPM)
• Data protection for application servers
System Center 2012 Endpoint Protection • Malware protection for client systems
System Center 2012 Operations Manager • Monitor applications, services, and devices
System Center 2012Orchestrator
• Automation of IT processes• Integration with other management solutions
System Center 2012 Service Manager • Integrated service desk• Automation of IT processes
System Center 2012 Virtual Machine Manager
• Manage virtualized infrastructures• Build private clouds
System Center 2012 Components
App Controller– App Controller helps IT administrators manage private and
public clouds. Configuration Manager
– Allows IT administrators to:• Deploy applications• Operating systems and software updates• Monitor compliance settings • Gathers hardware and software inventory
– Multivendor platform support
System Center 2012 Components
Data Protection Manager– Backup and recovery solution – Built-in intelligence to backup files and folders, Exchange
server, SQL Server, Virtual Machine Manager, SharePoint, Hyper-V and client systems.
Endpoint Protection– This component provides anti-malware and security
protection for Microsoft systems and services. Operations Manager
– Insight to the state of the IT infrastructure– Support for multiplatform network-device monitoring, as
part of its cloud-based orientation
System Center 2012 Components
Orchestrator– Workflow management solution– Automates the creation, monitoring and deployment of resources in
the datacenter Service Manager
– Automates IT service management – Provides processes for change control, incident and problem
resolution, and asset management. Virtual Machine Manager
– Uses shared physical resources and abstracting hardware to create a flexible platform for applications and services.
– By helping manage “Fabric” resources, IT admins can build private clouds with many benefits such as Self-service and Resource pooling
What Can System Center Configuration Manager 2012 do?
Overview of Configuration Manager 2012
DeploymentDeployment
Application ManagementApplication
Management
Software Update Management
Software Update Management
Operating System Deployment
Operating System Deployment
ContentManagement
ContentManagement
Asset ManagementAsset Management
Hardware and Software Inventory
Hardware and Software Inventory
Asset IntelligenceAsset Intelligence
Software MeteringSoftware Metering
Remote Management
Remote Management
ReportingReporting
MonitoringMonitoring
Role-based Administration
Role-based Administration
NAPNAP
SecuritySecurity
Endpoint ProtectionEndpoint Protection
Compliance SettingsCompliance Settings
Power ManagementPower Management
Compliance ManagementCompliance
Management
ClientHealthClientHealth
What does System Center Configuration manager do?
Unify Infrastructure
Reduce costs by unifying
IT management infrastructure.
Reduced Infrastructure Requirements
Unified Management of Virtual Clients
Endpoint Protection
Software Update Management
Compliance & Settings Management
Power Management
Internet-based Client Management
Operating System DeploymentMultiple Deployment Method Support
• PXE initiated deployment allows client computers to request deployment over the network
• Multi-cast deployment to conserve network bandwidth
• Stand-alone media deployment for no network connectivity or low bandwidth
• Pre-staged media deployment allows you to deploy an operating system to a computer that is not fully provisioned
USMT 4.0 UI integration makes it easier transfer files and user settings from one machine to another
CAS
Primary Site
MP Role
Primary Site
DP Role
Image Task Sequence
Report
WDS PXE Server
Simplify
Client Activity and Health
• In-console view of client health• Threshold-based console alerts• Heartbeat DDRs• HW/SW inventory and status• Remediation (same as Setting
Management)
Simplify
Asset Intelligence, Inventory, and Software Metering• Consolidated/simplified reporting that allows you to • Understand software installation profiles• Plan for hardware upgrades• Identify over or under licensing issues• Track custom apps or groups of titles
Software Metering & License Reports
Asset Intelligence Service
Asset Intelligence Catalog
Real-time Applicationand Hardware Intelligence
ConfigMgr Inventory
Simplify
Remote Control
What's New in Remote Control– Ability to send Ctrl-Alt-
Del keystroke to host device
– Granular client settings per collection
– Lock keyboard and Mouse
– Ability to create Firewall exception rule
– Ccmeval monitors and remediates Remote Control Service
Simplify
7NOKIA
• EAS-based policy delivery
• Discovery and inventory
• Settings policy
• Remote Wipe
Light Management
Secure over-the-air enrollment
Monitor and remediate out-of-compliance devices
Deploy and remove applications
Inventory
Remote wipe(WinCE 5.0, 6.0; Windows Mobile 6.0, 6.1, 6.5.x)
Depth Management
Mobile Device Management
“Light” management via Exchange Provide basic management for all Exchange
ActiveSync (EAS) connected devices Features Supported:
– Discovery/Inventory– Settings policy– Remote Wipe
Supports on-premise Exchange 2010 and hosted Exchange
“Depth” Mobile Device Management
Establishes mutual trust between the device and the management server
Devices enrolled and provisioned securely over-the-air– Admin (or end user) registers new mobile device and
receives one-time PIN from Site Server – Admin sends PIN and enrollment instructions to user– Simplified end user experience and deployment User
enrolls via Enroll utility on mobile device
Managing Virtual Desktop Environments
Management of all virtual desktop deployment scenarios
Orchestration of application delivery across multiple desktop virtualization platforms
Automatic compliance remediation and continuous enforcement for personal desktops
Visibility into noncompliant machines in pooled virtual scenarios
Application Self-Service
Employees can see only applications that they have permission to install.
Personalized Application Experience
System Center Configuration Manager 2012 examines:
User identity Application
dependencies Device type Network bandwidth Administrative
Intent
Loca
l Ins
tall
Pres
enta
tion
Serv
erWindows desktop
Windows Slate
Windows thin client
iPhone
Settings Management
Unified settings management across servers, desktops and mobile devices
ConfigMgr 2007 reports configuration drift – ConfigMgr 2012 can now enforce (Registry, WMI and Script-Based settings)
Improved functionality: – Copy settings– Define compliance SLAs for Baselines to trigger console alerts– Richer reporting to include troubleshooting, conflict, remediation information
Enhanced versioning and audit tracking– Ability to specify specific versions to be used in baselines– Audit tracking includes who changed what
Simplify: Administrative Efficiency
New Administrative experience
• Intuitive ribbon interface
• Role-Based Administration
• In-console alerts
• Global search capability
• New Collection membership rules allow better filtering of members
Key Differences Between SCCM 2007 & SCCM 2012
Migration From Configuration Mgr. 2007 to 2012
Assist with Migration of Objects
Assist with Migration of Clients
Minimize WAN impact
Maximize Re-usability of x64 Server Hardware
Assist with Flattening of Hierarchy
Built-in Migration Feature
Migration Job Types:– Object Migration (Collections, software distribution
packages, boundaries, metering rules etc.)– Collection based Migration (Select a collection and migrate
associated objects) Content functionality:
– Re-use of existing ConfigMgr 2007 content (Distribution Point sharing)
– Distribution Point upgrade Import of ConfigMgr 2007 inventory MOF files
SummaryEm
pow
erU
nify
Sim
plify
2007 R3Device Centric
MDM licensing
2012User Centric
Integrated
Windows and EAS
New
Improved
Integrated
Auto Remediation
Improved
New
2012 SP1Metro style
Windows 8,Mac,LinuxFlexible hierarchies
Real-time actions
User Profile and Data
Improved
Improved
Role-based Administration
Internet-based Client Management
Power Management
Software Update Management
Reduced Infrastructure Requirements
Mobile Device Management
Application Delivery
Compliance & Settings Management
Endpoint Protection
Unified Management of Virtual Clients
Operating System Deployment
Asset Intelligence, Client Health, and Inventory
End user platform support
Application Delivery
Role Based Administration
Enables central management
Administrators see only the tasks relevant to their job role
Security roles and scope simplify administration
Reduce primary sites to separate roles
Functionality ConfigMgr 2007 ConfigMgr 2012
What types of objects can I see and what can I do to them?
Class rights Security roles
Which instances can I see and interact with?
Object instance permissions
Security scopes
Which resources can I interact with?
Site specific resource permissions
Collection limiting
Role Based Administration
Functionality ConfigMgr 2007 ConfigMgr 2012
What types of objects can I see and what can I do to them?
Class rights Security roles
Which instances can I see and interact with?
Object instance permissions Security scopes
Which resources can I interact with?
Site specific resource permissions
Collection limiting
Meg- WW Central System Administrator
Louis-Software Update Manager for France
Bob- US & France Security Admin
• Can see & update “France” desktops
• Cannot modify security settings on “France” desktops
• Cannot see “All Systems” or “U.S.” desktops
• Can see & modify security settings on “France” and “U.S.” desktops
• Cannot update “France” or “U.S.” desktops
• Cannot see “All Systems”
Map the organizational roles of your administrators to defined security roles
• Security organization role• Geography
Reduces error, defines span of control for the organization
How do we get started?
Hardware & Software Requirements Determine Business Requirements Determine Number of clients and Locations Plan SCCM Logical Infrastructure Training or Consultation Licensing
Minimum System RequirementsComponent Minimum Requirement
Site Server and Site Roles Windows Server 2008 (64-bit )Windows Server 2008 R2 (64-bit)
Database SQL Server 2008 SP1 & Cumulative Update 10+ (64-bit)
Distribution Point Windows Server 2003 (including 32-bit) with limited functionalityWindows Vista SP2 and later (including 32-bit)
Client Windows XP SP2 & SP3 (32-bit & 64-bit)Windows 2003 Server SP2 (32-bit & 64-bit)Vista SP2 (32-bit & 64-bit)Windows 7 RTM (32-bit & 64-bit)Windows 7 SP1 (32-bit & 64-bit)Windows 2008 SP2 (32-bit & 64-bit)Windows 2008 R2 RTM (64-bit)Windows 2008 R2 SP1(64-bit)
Admin Console Vista SP2 (32-bit & 64-bit)Windows 7 RTM (32-bit & 64-bit)Windows 7 SP1 (32-bit & 64-bit)Windows 2008 SP2 (32-bit & 64-bit)Windows 2008 R2 RTM (64-bit)Windows 2008 R2 SP1(64-bit)
Determine Business Requirements
Needs may include Inventory and generating reports. Deploying Applications, Operating Systems &
Updates Discuss requirements with the stakeholders to
identify which SCCM features will be implemented
Determine Number of clients and Locations
Number of clients to manage is most important when deciding to deploy Configuration Manager “Sites”
Plan for Data replication if your organization has multiple locations.
Plan SCCM Logical Infrastructure
Determine the number of sites to use for SCCM deployment
Typical scenarios for SCCM deployment include Single primary site Single primary with secondary site Central Administration site Multiple primary sites
Determine the number of sites by identifying:
• Network infrastructure for Configuration Manager 2012• Business requirements for Configuration Manager 2012• Migration requirements from Configuration Manager 2007 to Configuration
Manager 2012• The number of clients that need to be managed and their locations• The following characteristics of your organization:
• The AD DS forest structure• The number of physical locations• Available bandwidth between locations• The location(s) of your IT support
staff• The number of remote clients
Deployment Scenarios
Single primary site Multiple primary sites in a hierarchy
Sites and Hierarchies
Primary Site
Central Administration Site
Primary SitePrimary Site
Secondary Site
Secondary Site
System Center Licensing:
BY JOHN KELBLEY